DEF CON 20 CFP

UPDATE: since yesterday was May 28th, I submitted this proposal late last night, along with another one covering a new project I’m toying with called blackGATE, more on that in a bit. Below you’ll see the extended outline that roughly sketches out what I’ll be covering in the talk.

Title

0nline Privacy In The Year of The Dragon

Abstract

Users’ privacy online is constantly changing: witness Google’s March 1st consolidation of their privacy policies, the ever-changing Facebook privacy policies, or how commerce determines the ways policy changes for other entities - then note the lack of any opt-out when these changes occur. The important thing here is that companies are doing this not for the benefit of the user, but for the benefit of the shareholders of the company, and if they can do this now, they can do this later, or whenever suits them. Simply, a fair user policy today can change tomorrow. These changes to policies or features are designed to make users’ data, and their interaction with the site, more profitable for the company. Knowing this should signal an alarm for everyone to understand HOW their data is being stored and USED. We’ll look at recent developments this year that cause concern among privacy advocates, while poking fun at some of the silly ways these new measures are sold to the populace, then we’ll cover what can be done to increase users’ privacy online with common sense and open source software.

Privacy tussle brews over social media monitoring – The U.S. Department of Homeland Security, the FBI and other agencies contend that social media monitoring is a vital part of their efforts to keep abreast of events that could pose threats to national security and public safety. Privacy advocates maintain that unfettered social media monitoring by the government will chill free speech and intrude upon privacy and civil rights. The Electronic Privacy Information Center (EPIC) and other groups have noted that at least some of the information harvested from social media sites by some government agencies has little to do with public safety goals. https://www.networkworld.com/news/2012/021612-privacy-tussle-brews-over-social-256260.html?hpg1=bn

Facebook

“By the end of the summer, it may have more than a billion users, or about fifteen per cent of the world’s population. Some of these people are restive and see Facebook as a substitute public space for speech and dissent that their own authoritarian regimes don’t provide. Facebook users have already helped to foment revolution in some places (Egypt and Tunisia) and are still trying, at great cost, to overthrow one of the Middle East’s most brutal regimes.” http://www.newyorker.com/online/blogs/comment/2012/05/leaving-facebookistan.html#ixzz1w853THm6

Google

In 1999, Scott McNealy, the former head of Sun Microsystems, reportedly declared, “You have zero privacy anyway….Get over it.” He unintentionally let the proverbial cat out of the bag of the digital age. In 2009, McNealy’s assessment was confirmed by Google’s CEO, Eric Schmidt. In an interview with NBC’s Maria Bartiromo, he proclaimed, “If you have something that you don’t want anyone to know maybe you shouldn’t be doing it in the first place.” Schmidt’s words have become Google’s new mantra. Welcome to 21st-century corporate morality. http://www.alternet.org/rights/155479/the_terrifying_ways_google_is_destroying_your_privacy/

how will this affect businesses, their employees and how their opinions/data are exposed

March 1st terms of use, change across the board, affecting 80+ different policies, all standardized - for YOUR benefit?

LinkedIn

“…all these concerns about privacy tend to be old people issues.” Reid Hoffman, the founder of LinkedIn, in a segment during last year’s World Economic Forum at Davos, Switzerland

people’s moves transmitted to the world (some small, some they don’t want to share, but do)

my neighbor, how I knew she left her job before she told me!

my “See who you know” nightmare when I played the LinkedIn game

their “support” got back to me two weeks later to say, whoops, that shouldn’t have happened.

moral, expect to be exposed, even if you ask not to be… m/k?

Other players

Spokeo, like a phone book, for 2012, and you’re not going to like what it knows, or thinks it knows about you

again, you’re not a name, you’re a number, meet “Curate.me, formerly known as XYDO Brief, is making its public debut today after a 6-month invitation-only beta period which attracted some 20,000 users. Essentially, the service delivers personalized news to your email inbox based on your interests and data mined from your favorite social networks and news sources.”

more, with a more direct “your privacy is our profit” profit model, warning - these will annoy you!

Beenverified.com – Your data for sale (https://safeshepherd.com/beenverified) Over the past few months we’ve received a flood of complaints about the people-search website BeenVerified.com; our users had issues ranging from privacy violations to blatantly bad business practices.

Bing: how are they stacking up versus Google? After all, MS has ads too. What have they done to monetize their user(s?) data? Is the tracking as pervasive? What are their methods of sharing what they know (any type of dashboard from them? opt-out options?)

File syncing/backup/sharing

Dropbox

old news, but replay it quickly…

the case, EFF involvement, Chris S’s work on the topic

iCloud (Apple)

why should you be concerned about Lion/Mountain Lion’s pushing everything to the (i)cloud

Use better passwords

use ones that are not only hard to guess, but impossible to remember! (go over my new way of choosing/using passwords)

I hope my ideas on passwords will be considered, and challenged if others have a better method - something needs to be done, this is still a disaster waiting to happen (over and over again)

Conclusion(s)

If this stuff concerns you - Get involved, speak out, use tools/techniques outlined here, tell others, make noise about it! And now, the 2nd annual handout of Tootsie Pops at the front of the stage, always a great ice breaker!